AWS recommends rotating your IAM users' access keys periodically. Sometimes we create access keys for an IAM user and keep using them. We forget to rotate the keys after a period of time, which is not considered good practice. Recently, we came across a use case wherein we were supposed to rotate the access keys which were created 90...
Recently, I was trying to implement a use case wherein the server launched by an autoscaling group should automatically connect to the Chef server and register itself as a node. The Problem Statement: How to install Chef Client on a node launched by an AWS autoscaling group? Step 1. Prepare AMI with chef-client installed. To install...
Today we're going to demonstrate the use of the switch role feature that AWS introduced a few months back. This feature enables an IAM user to switch roles directly in the AWS Management Console to access resources across multiple AWS accounts. E.g., let's say an IAM user X of Account 1 wants to access resources associated with Account 2....
Consider a use case wherein team members have opened port 22 for 0.0.0.0/0 inside an EC2 security group and forgotten about it, which is a big security concern for the instances. So I have written a script using the Python boto library which scans all the security groups of running / stopped instances and sends an email to all stakeholders on...
The Nginx web server comes with a bundled module, "HttpStubStatusModule". By enabling this module we get some insight into our Nginx connections. This module provides the following information: Active Connections; Connection Status (Accepted / Handled); Connection Request / Second. Enable Module: To get connection stats, we need to...
In continuation of my previous blog "Getting Started with Boto ( python Interface for AWS )", today we are going to discuss one of the use cases that we used to do daily: deleting EBS snapshots which are older than N days. We'll be writing a Python script using the Boto library to delete EBS snapshots which are older than 30 days. For this we will be...
Amazon RDS provides us with three different types of logs: 1) General Logs 2) Slow Query Logs 3) Error Logs. You can enable these logs by modifying the DB Parameter Group. 1) Enable General Log: Parameter Name: general_log; Value: set the value to 1. Default is 0. 2) Enable Slowquery Log ...
Introduction: Boto is a Python package which provides an interface for AWS. With the boto library, we can call AWS resources from a Python script. This article is a step-by-step guide to using the boto library for calling AWS resources. Step 1: Installation. Step 2: Configuration. Step 3: Creating...
Terraform is a tool for creating, managing and versioning infrastructure effectively. Terraform provides a common configuration to launch infrastructure such as physical servers, DNS and email servers. With Terraform, we will be launching servers using a simple file-based configuration ( JSON based ) and maintaining versioning for each launch on...
AWS Config is a web service being introduced at this AWS re:Invent. This web service is currently available in the North Virginia region. AWS Config enables customers to get a complete view of the configuration of the AWS resources (EC2 instances, Elastic IPs, security groups, VPCs, Internet gateways, etc.) associated with their AWS account and also enables to...
Today we'll be implementing an S3 bucket policy for storing multiple Elastic Load Balancer access logs in a single S3 bucket. Instead of having a separate S3 bucket for each ELB's access logs, we'll create only one S3 bucket for storing all ELBs' access logs. This section walks you through the step-by-step guide for configuring S3...
Sometimes we get a requirement to change the key pair for security reasons. In this article, we will be changing the key pair of running EC2 instances. Steps: 1. Create a new key pair from the AWS Console. 2. Generate the public key from the newly created key pair ( Private Key ). 3. Paste the generated public key ( from Step 2 ) in...